How to access Recurly API with AJAX?

Question

I'm using a jquery ajax call to a recurly API endpoint, but I get cross-origin errors. From my understanding, this is because Recurly only returns results as XML... when I use JSONP to get around cross-origin errors, I get an error because it receives the XML data but expects JSONP. Pretty obvious. But I'm trying to understand how exactly can one use this API at all via AJAX calls. I've been successfully able to access the API with PHP, but unfortunately, for this project, I can't use any client-side code.

Even if I find some sort of middle-code solution to get the XML and convert it to JSON for my side to accept, I need to utilize the API for POST requests (creating accounts, subscriptions, etc.) so I would like to understand how to utilize the API properly.

Here is an example of my code:

$.ajax({
  url: "http://[DOMAIN].recurly.com/v2/accounts",
  beforeSend: function(xhr) { 
    xhr.setRequestHeader("Authorization", "Basic " + window.btoa("[API KEY]")); 
  },
  crossDomain: true,
  type: "GET",
  accepts: "application/xml",
  dataType: "application/xml; charset=utf-8",
  success: function (data) {
    console.log("SUCCESS:", data);
  },
  error: function(e){
    console.log("ERROR:", e);
  }});

Anyone with Recurly API experience have any tips/advice?

Answer 1

You should not use the V2 API from the browser. Doing so risks exposing your private API key. If someone has your API key they can make calls charging customers, modifying subscriptions, causing all sorts of problems.

Look at the JSONP endpoints that Byaxy linked to.

Answer 2

From https://docs.recurly.com/api/recurlyjs/jsonp_endpoints

 $.ajax({
 dataType: 'jsonp',
 url: 'https://{subdomain}.recurly.com/jsonp/{subdomain}/plans/{plan_code}',
 data: {
currency: 'USD',
 },
 success: function (data) {
 // do stuff
 },
}